jvndb-2006-000622
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
dotProject cross-site scripting vulnerability
Details
dotProject, an open source project management tool, contains a cross-site scripting vulnerability. As of June 5, 2006, it is confirmed that Internet Explorer is affected by this vulnerability. It is also confirmed that Mozilla Firefox and Opera are not affected by this vulnerability.
References
JVN http://jvn.jp/en/jp/JVN97636431/index.html
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2851
NVD http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2851
SECUNIA http://secunia.com/advisories/20418
BID http://www.securityfocus.com/bid/18275
FRSIRT http://www.frsirt.com/english/advisories/2006/2124
Impacted products
dotProjectdotProject
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000622.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "dotProject, an open source project management tool, contains a cross-site scripting vulnerability.\r\n\r\nAs of June 5, 2006, it is confirmed that Internet Explorer is affected by this vulnerability.  It is also confirmed that Mozilla Firefox and Opera are not affected by this vulnerability.",
  "link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000622.html",
  "sec:cpe": {
    "#text": "cpe:/a:dotproject:dotproject",
    "@product": "dotProject",
    "@vendor": "dotProject",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2006-000622",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN97636431/index.html",
      "@id": "JVN#97636431",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2851",
      "@id": "CVE-2006-2851",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2851",
      "@id": "CVE-2006-2851",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/20418",
      "@id": "SA20418",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/18275",
      "@id": "18275",
      "@source": "BID"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2006/2124",
      "@id": "FrSIRT/ADV-2006-2124",
      "@source": "FRSIRT"
    }
  ],
  "title": "dotProject cross-site scripting vulnerability"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.